parent c4f491b19f
commit d7ef7250d4
@@ -32,7 +32,7 @@ NAME SEVERITY TIME MESSAGE
 scheduler Fatal 2020-11-27T17:09:59+08:00 Get http://127.0.0.1:10251/healthz: dial tcp 127.0.0.1:10251: connect: connection refused
 etcd-0 Fatal 2020-11-27T17:56:37+08:00 Get https://192.168.13.8:2379/health: dial tcp 192.168.13.8:2379: connect: connection refused
 
-NAMESPACE SEVERITY NODENAME EVENTTIME REASON MESSAGE
+NAMESPACE SEVERITY PODNAME EVENTTIME REASON MESSAGE
 default Warning node3.164b53d23ea79fc7 2020-11-27T17:37:34+08:00 ContainerGCFailed rpc error: code = Unknown desc = Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
 default Warning node3.164b553ca5740aae 2020-11-27T18:03:31+08:00 FreeDiskSpaceFailed failed to garbage collect required amount of images. Wanted to free 5399374233 bytes, but freed 416077545 bytes
 default Warning nginx-b8ffcf679-q4n9v.16491643e6b68cd7 2020-11-27T17:09:24+08:00 Failed Error: ImagePullBackOff
@@ -54,6 +54,7 @@ insights-agent Warning cronjob-executor Job 2020-11-27T1
 kube-system Warning calico-kube-controllers Deployment 2020-11-27T17:09:59+08:00 [cpuLimitsMissing livenessProbeMissing]
 kube-system Warning coredns Deployment 2020-11-27T17:09:59+08:00 [cpuLimitsMissing]
 ```
+> You can refer to the [FAQ](./docs/FAQ.md) content to optimize your cluster.
 
 ## What kubeye can do
 
@@ -111,6 +112,7 @@ kube-system Warning coredns Deployment 2020-11-27T1
 | :white_check_mark: | PodDangerousCapabilities | You have the dangerous option in capabilities such as ALL/SYS_ADMIN/NET_ADMIN |
 | :white_check_mark: | PodlivenessProbeMissing | ReadinessProbe was not declared |
 | :white_check_mark: | privilegeEscalationAllowed | Privilege escalation is allowed |
 | | NodeNotReadyAndUseOfClosedNetworkConnection | http2-max-streams-per-connection |
 
 > unmarked items are under heavy development
 
@@ -0,0 +1,41 @@
This document explains how to recover from and eliminate the problems that kubeye diagnoses when you run it against a cluster.

## Node-level issues

1. Container runtime not ready: RuntimeReady=false reason:DockerDaemonNotReady message:docker: failed to get docker version: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
```
Message: A problem with the docker service is causing the node to be NotReady.
Solution ideas:
1. On the affected node, check the service with systemctl status docker: is it running, and does the unit exist at all?
2. If it is not running, start it with systemctl start docker.
3. If the unit does not exist, the node has been reset; re-add it to the cluster or remove it.
4. If the service fails to start, inspect the detailed docker logs with journalctl -u docker -f.
```

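The steps above can be sketched as a small shell helper. This is a hypothetical sketch, not part of kubeye: the function name is my own, and it assumes a systemd-managed docker service on the node.

```shell
# Hypothetical helper covering steps 1-4 above; assumes systemd manages docker.
check_docker() {
  if systemctl is-active --quiet docker; then
    echo "docker running"
  elif systemctl status docker >/dev/null 2>&1; then
    # Unit exists but is not active: try to start it, show logs on failure (steps 2 and 4).
    systemctl start docker || journalctl -u docker --no-pager -n 50
  else
    # Unit is gone entirely: the node was likely reset (step 3).
    echo "docker service missing: re-add or remove this node"
  fi
}
```

On a real node you would run `check_docker` directly; the echo messages stand in for the operator actions described above.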
## Pod-level issues

1. message: Error, ImagePullBackOff
```
Message: ImagePullBackOff
Solution ideas:
1. Run kubectl describe pod -n <namespace> <podName>, e.g. kubectl describe pod -n default nginx-b8ffcf679-q4n9v, and read the events log.
2. Compare the image being pulled with the one actually required.
3. Check whether the required image exists in the image registry.
4. Check the image registry, or try pulling the image manually on another node in the cluster to see whether it succeeds.
5. If another node can pull it, check whether the affected node is configured to trust the image registry as a pull source.
```

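Steps 1 and 2 above can be wrapped as shell helpers. The function names here are illustrative, not kubeye's; they assume kubectl is on the PATH and pointed at the cluster.

```shell
# Hypothetical helpers for the ImagePullBackOff walkthrough above.

# Show the pod's recent events, where the exact pull error appears (step 1).
pod_events() {
  kubectl describe pod -n "$1" "$2" | sed -n '/^Events:/,$p'
}

# Print the images the pod spec actually asks for, to compare against
# what the registry holds (step 2).
pod_images() {
  kubectl get pod -n "$1" "$2" -o jsonpath='{.spec.containers[*].image}'
}

# usage: pod_images default nginx-b8ffcf679-q4n9v
```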

## Best Practice issues

1. message: cpuLimitsMissing
```
Message: No CPU limit is set on the corresponding pod resource.
Solution ideas:
Choose values that fit the actual application, for example:
spec:
  containers:
  - image: nginx:latest
    resources:
      limits:
        cpu: 200m
```

@@ -99,7 +99,7 @@ func Cluster(configuration string, ctx context.Context, allInformation bool) err
 	}
 
 	if len(clusterCheckResults) != 0 {
-		fmt.Fprintln(w, "\nNAMESPACE\tSEVERITY\tNODENAME\tEVENTTIME\tREASON\tMESSAGE")
+		fmt.Fprintln(w, "\nNAMESPACE\tSEVERITY\tPODNAME\tEVENTTIME\tREASON\tMESSAGE")
 		for _, clusterCheckResult := range clusterCheckResults {
 			s := fmt.Sprintf("%s\t%s\t%s\t%s\t%s\t%-8v",
 				clusterCheckResult.Namespace,